package com.czm.art_light.util;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import lombok.experimental.UtilityClass;
import lombok.extern.slf4j.Slf4j;
import java.nio.charset.StandardCharsets;
import java.util.Objects;

/**
 * JWT 工具类
 */
@UtilityClass
@Slf4j
public class JwtUtils {

    /**
     * JWT 加密密钥
     */
    private static final String SECRET = "E66559580A1ADF48CDD928516062F12E";

    /**
     * 定义系统标识头常量
     */
    private static final String HEADER_SYSTEM_KEY = "systemKeyHeader";

    /**
     * 根据用户ID生成JWT
     *
     * @param uid       用户ID
     * @param systemKey 系统标识
     * @return JWT
     */
    public String generateToken(Integer uid, String systemKey) {
        return Jwts.builder().setHeaderParam(HEADER_SYSTEM_KEY, systemKey).setSubject(uid.toString())
                //HMAC-SHA算法和一个密钥对JWT进行签名
                .signWith(Keys.hmacShaKeyFor(SECRET.getBytes(StandardCharsets.UTF_8))).compact();
    }

/*    public static void main(String[] args) {
        Jws<Claims> claimsJws;
//        String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsInN5c3RlbUtleUhlYWRlciI6ImZyb250In0.eyJzdWJqZWN0IjoiNSJ9.YQR0vthMU3vqqSLZTDOsAzNEC8Ptf4xBn6NlSRuueOo";
//        String token = "eyJzeXN0ZW1LZXlIZWFkZXIiOiJmcm9udCIsImFsZyI6IkhTMjU2In0.eyJzdWIiOiI1In0.jiy3AL-EIkyyqIrKllJAYYk69tJlcoJ6z-_wxRTKMN0";
        String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsInN5c3RlbUtleUhlYWRlciI6ImZyb250In0.eyJzdWIiOiI1In0.PlzAFei4UfQEjDHva2LSlq9ttKV2fLC8UMdmxCt6sy8";
        try {
            claimsJws = Jwts.parserBuilder().setSigningKey(Keys.hmacShaKeyFor(SECRET.getBytes(StandardCharsets.UTF_8))).build().parseClaimsJws(token);
            // OK, we can trust this JWT
            // 判断该 JWT 是否属于指定系统
            System.out.println("claimsJws = " + claimsJws);
            if (Objects.equals(claimsJws.getHeader().get(HEADER_SYSTEM_KEY), "front")) {
                System.out.println("userId = " + Long.parseLong(claimsJws.getBody().getSubject()));
            }
        } catch (JwtException e) {
            log.warn("JWT解析失败:{}", token);
            // don't trust the JWT!
        }
    }*/

    /**
     * 解析JWT返回用户ID
     *
     * @param token     JWT
     * @param systemKey 系统标识
     * @return 用户ID
     */
    public Integer parseToken(String token, String systemKey) {
        Jws<Claims> claimsJws;
        try {
            claimsJws = Jwts.parserBuilder().setSigningKey(Keys.hmacShaKeyFor(SECRET.getBytes(StandardCharsets.UTF_8))).build().parseClaimsJws(token);
            // OK, we can trust this JWT
            // 判断该 JWT 是否属于指定系统
            if (Objects.equals(claimsJws.getHeader().get(HEADER_SYSTEM_KEY), systemKey)) {
                return Integer.parseInt(claimsJws.getBody().getSubject());
            }
        } catch (JwtException e) {
            log.warn("JWT解析失败:{}", token);
            // don't trust the JWT!
        }
        return null;
    }

}
